以两台服务器节点为例,无特殊说明两个节点均需要安装配置
1. 安装配置nginx
1.1 安装nginx环境所需依赖
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel
1.2 下载并解压nginx安装包。官方下载地址
wget http://nginx.org/download/nginx-1.13.7.tar.gz
tar -xvf nginx-1.13.7.tar.gz
1.3 安装nginx
# 进入nginx目录执行命令
cd nginx-1.13.7
./configure
make && make install
1.4 配置nginx软连接
ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
1.5 设置nginx环境变量
vi /etc/profile
PATH=$PATH:/usr/local/nginx/sbin
export PATH
source /etc/profile
1.6 设置nginx自启
vi /lib/systemd/system/nginx.service
#加入以下代码
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
#使生效
systemctl enable nginx.service
1.7 配置nginx负载
# 例如有两个服务, 地址分别是 n1.bigdatatest.com,n2.bigdatatest.com
cd /usr/local/nginx/
vi conf/nginx.conf
# 例如有两个服务, 地址分别是 n1.bigdatatest.com,n2.bigdatatest.com
cd /usr/local/nginx/
vi conf/nginx.conf
upstream kylinTest {
server n1.bigdatatest.com;
server n2.bigdatatest.com;
ip_hash;
}
server {
listen 81;
server_name localhost;
location / {
proxy_pass http://kylinTest;
proxy_set_header Host $http_host;
proxy_cookie_path / /;
proxy_cookie_domain http://kylinTest 127.0.0.1:81;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
1.8 启动
systemctl start nginx
2. 安装配置keepalived
参考文章Keepalived 搭建 Nginx 集群(主从模式)
2.1 安装
yum install keepalived -y
2.2 修改配置文件,默认在/etc/keepalived/keepalived.conf
注意: 检测脚本一定要写在vrrp_instance的前面,括号前后要有空格,trace_script要写在vip的后面
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email { # 异常邮件通知
acassen@firewall.loc # 收件人邮箱
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc # 配置发件人邮箱
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict # 注释掉严格模式
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "/etc/keepalived/chk_nginx.sh" # keepalived 监测 nginx 的监本路径和名称
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER # 服务器状态,MASTER 代表主服务器, BACKUP 是备份服务器
interface eth0 # 通信端口,通过 ifconfig 命令可以看到,根据自己的机器配置
virtual_router_id 190 # 虚拟路由 ID ,主实例和副本实例保持一致
priority 100 # 权重比,主服务器的 priority 比副本服务器大即可
advert_int 1 # 心跳间隔,单位秒, keepalived 多机器集群通过心跳检测,如果发送心跳没反应,就立刻接管
authentication { # 服务器之间的通信密码
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { # 自定义虚拟 ip ,可以配置多个,每行一个
172.20.11.190
}
track_script { # keepalived 的监测脚本,与 vrrp_script 定义的名称一致
chk_haproxy
}
}
2.3 编写验证脚本
vi /etc/keepalived/chk_nginx.sh
#!/bin/bash
# nginx 挂掉之后, keepalived 重新启动 nginx ,若不能启动 则关闭当前 keepalived
status=`ps -ef|grep -w nginx|grep -v grep|wc -l`
echo ${status}
if [ ${status} -eq 0 ]; then
systemctl start nginx.service
sleep 2
status2=`ps -ef|grep -w nginx|grep -v grep|wc -l`
echo ${status2}
if [ ${status2} -eq 0 ]; then
systemctl stop keepalived.service
fi
fi
注:如果开启了防火墙可能出现两台都出现VIP现象,需要开启vrrp协议
# 如果防火墙是firewall
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --protocol vrrp -j ACCEPT
firewall-cmd --reload
# 如果是iptables,主节点上运行命令时就写副节点IP,副节点运行命令时就写主节点IP
-A INPUT -i em1 -p vrrp -s [其他节点的IP] -j ACCEPT
2.4 启动
systemctl start keepalived
# 设置开机自启
systemctl enable keepalived
2.5 测试
当两台正常启动时,通过ip a命令查看, VIP应该在主的上,即节点1
当把节点1的nginx关闭,节点一的Keepalived会自动启动nginx。只有当nginx无法被自动拉起时,keepalived才会自动关闭
这里直接停止keepalived,VIP将指向备机
systemctl stop keepalived
这时 VIP在节点2上
当把节点1的keepalived启动时,VIP将重新被节点1接管
systemctl start keepalived